แนะนำ Open Source Linux Firewall น่าใช้งาน

1. IPFire (www.ipfire.org)
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Its ease of use, high performance in any scenario and extensibility make it usable for everyone.
IPFire is a Linux-based stateful firewall distro that’s built on top of Netfilter. It began as a fork of the IPCop project, but has since been rewritten based on Linux From Scratch. IPFire can be deployed on a wide variety of hardware, including ARM devices such as the Raspberry Pi.


2. OPNsense (www.opnsense.org)
Free & Open source – Everything essential to protect your network and more

OPNSense is derived from the efforts of two mature open source projects, namely pfSense and m0n0wall.

Instead of using Linux, OPNsense is powered by HardenedBSD, which is a security oriented fork of FreeBSD. The firewall distro is designed to serve as a firewall and routing platform and besides filtering traffic can also be used to display a captive portal, shape traffic, detect and prevent intrusions, as well as setup a Virtual Private Network (VPN), and lots more.

In its bid to respond to threats in a timely fashion, the firewall distro offers weekly security updates. One of the best features about OPNsense is that it exposes all its functionalities from inside a web-based interface, which is a pleasure to use and is available in multiple languages.


3. pfSense (www.pfsense.org)
Best free Linux firewall that’s feature-rich and FreeBSD-based
pfSense describes itself as the most trusted open source firewall. The original FreeBSD-based firewall distro, pfSense shares many similarities with OPNsense. For instance, in addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features. To begin with, just like with OPNsense, you can use pfSense to deploy an intrusion prevention system as well as enable VPN access.
An open-source security solution with a custom kernel based on FreeBSD OS. pfSense is one of the leading network firewalls with a commercial level of features.


4. ClearOS (www.clearos.com)

ClearOS is a CentOS-based distro that’s designed as a full featured replacement to commercial server distros like Red Hat Enterprise Server or Windows Small Business Server.
There are several editions of ClearOS including a community-supported edition that is offered as a no-cost free download. You can use the community edition of ClearOS to roll out all kinds of network services including a firewall, with content filtering and intrusion detection capabilities.
The best thing about ClearOS is its ease of deployment. As most firewall distros are written for the stereotypical geek, it’s nice to see a refreshing change in what seems to have become the de facto standard of ‘cobble it together and think about the interface afterwards’.


5. Endian Firewall Community  (www.endian.com/community)
Endian Firewall Community (EFW) is a turn-key Linux based security software product designed for home that can transform any unused hardware appliance into a full-featured Unified Threat Management (UTM) solution. Endian Community is designed to make security simple and help protect home networks by using the power of Open Source.


6. Smoothwall (www.smoothwall.org)
Smoothwall Express is a free solution with a simple web interface to configure, manage the firewall.
The Smoothwall Open Source Project was set up in 2000 to develop and maintain Smoothwall Express – a Free firewall that includes its own security-hardened GNU/Linux operating system and an easy-to-use web interface.


7. IPCop (www.ipcop.org)
The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.
IPCop is a Linux-based OS that helps secure your home or company’s network. It does not include a graphical interface. It is operated entirely by command line, which may make it difficult for some users to install and set up.


8. Shorewall (www.shorewall.org)
Shorewall is a gateway/firewall configuration tool for GNU/Linux.
Shorewall is a free Linux firewall that can be installed on servers or routers. However, it is not designed for installation on virtual machines. It is categorized as IPtables configuration tool and can transform a server into a hardware firewall appliance.


9. VyOS (www.vyos.io)
yOS is an open-source network operating system based on GNU/Linux that provides a unified management interface for all functions like traditional hardware routers.
VyOS provides a free routing platform that competes directly with other commercially available solutions from well-known network providers.


10. CSF – ConfigServer Security and Firewall (https://configserver.com/configserver-security-and-firewall/)
A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
csf (ConfigServer security) is supported and tested on the following OS and virtual servers.



Write by SysAdmin Knowledge
https://www.sysadmin.in.th
January 21, 2023

Explore More

การ clone ระบบปฏิบัติการบน VMWare

การโคลนนิ่งระบบปฏิบัติการที่ติดตั้งบน VMWare Workstation 1. ทำการปิดการใช้งานระบบปฏิบัติการหลัก 2. คลิกที่ระบบปฏิบัติการหลัก 3. คลิกที่เมนู VM > Manage > Clone หรือคลิกขวาที่ระบบปฏิบัติการหลัก > Manage > Clone — Write by SysAdmin Knowledge https://www.sysadmin.in.th January 8, 2023  

โปรแกรมสำหรับควบคุมเครื่องระยะไกล (Remote Access Service)

ปัจจุบันโปรแกรมที่ใช้ในการควบคุมเครื่องระยะไกลมีให้เลือกใช้งานหลายค่ายด้วยกัน ทั้งซฮฟต์แวร์เชิงการค้า และซอฟต์แวร์ในรูปแบบ Open Source การเลือกใช้งานทูลตัวใดขึ้นอยู่กับความพร้อมและทักษะของผู้ดูแลระบบ ในที่นี้ขอยกตัวอย่างทูลที่ได้รับความนิยมในตลาด

ทูลด้านความมั่นคงปลอดภัยทางไซเบอร์ (Cyber Security Tools)

ปัจจุบันทูลสำหรับใช้ในการตรวจสอบด้านความปลอดภัยทางไซเบอร์บนระบบ Linux  มีให้เลือกใช้งานมากมาย  ในที่นี้ขอแนะนำตัวอย่างทูลที่ทีม Red Team มักใช้งาน  ทูลรวบรวมข้อมูลและการสำรวจ (Reconnaissance and Information Gathering) 1. Nmap : ทูลตรวจสอบ สแกนเครือข่ายและประเมินช่องโหว่ 2. Recon-ng : สำรวจข้อมูลบนเว็บที่มีการออกแบบแบบโมดูล 3. Maltego : ทูลวิเคราะห์และเชื่อมโยงข้อมูลสำหรับ OSINT (Open-source Intelligence) 4. theHarvester […]